Product Overview

Amazon Inspector is an on-demand, pay-as-you-go vulnerability assessment service. Inspector uses an on-host agent to analyze the configuration and behavior of operating systems and applications to identify potential security exposures like common vulnerabilities and insecure configuration settings. The Inspector Agent also provides information about the presence of any listening processes when analyzing network configurations for security vulnerabilities. Inspector prioritizes these issues into security findings by severity level and describes how to address issues to secure your environment. Using this AMI ensures that your entire fleet is prepared to run Amazon Inspector assessments.

Highlights

The configuration of the Amazon Linux AMI enhances security by focusing on two main security goals: limiting access and reducing software vulnerabilities. Amazon Inspector checks for known vulnerabilities of applications installed on the AMI.

No additional agent setup is required. To start using Amazon Inspector, simply tag the instances to match the desired Inspector target.

During assessments, the agent gathers OS and application telemetry, looks for listening processes, and securely passes data to the Amazon Inspector Service which prioritizes application vulnerabilities and exposures and open network pathways.